2089 matches found
Debian DSA-723-1 : xfree86 - buffer overflow
A buffer overflow has been discovered in the Xpm library which is used in XFree86. A remote attacker could provide a specially crafted XPM image that could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
DEBIAN-CVE-2004-1009
Midnight commander mc 4.5.55 and earlier allows remote attackers to cause a denial of service infinite loop via unknown attack vectors...
gld 1.4 - Postfix Greylisting Daemon Remote Format String
/ 0x82-meOw-linuxerforever - gld 1.4 remote overflow format string exploit. c 2005 Team INetCop Security. Nickname of this code is, Kill two bird with one stone.' or, One shot, two kill!.' hehehe ;-D Advisory URL: http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2005-0x82-026-GLD.txt It's as well as...
Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow
// source: https://www.securityfocus.com/bid/13129/info It is reported that GLD contains a buffer overflow vulnerability. This issue is due to a failure of the application to properly ensure that a fixed-size memory buffer is sufficiently large prior to copying user-supplied input data into it...
Multiple Telnet clients fail to properly handle the "LINEMODE" SLC suboption
Overview Multiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host. Description The Telnet network protocol is described in RFC854 and RFC855 as a general, bi-directional communications facility. The Telnet protoco...
Debian Linux Netkit telnetd-ssl contains a format string vulnerability
Overview Debian Linux Netkit telnetd-ssl contains a format string vulnerability that may allow a remote attacker to execute arbitrary code. Description An unspecified format string vulnerability in Debian Linux Netkit telnetd-ssl may allow a remote attacker to execute arbitrary code on a vulnerab...
Debian Linux lintian symbolic links problem
Symbolic links problem on temporary files creation...
CVE-2004-1343
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service server crash...
CVE-2004-0563
The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password...
CVE-2004-0563
Summary of confirmed details for CVE-2004-0563: The issue affects the freenet6 client on Debian Linux prior to version 0.9.6 and prior to 1.0, where the tspc.conf file is world-readable, enabling local users to potentially read sensitive information such as usernames and passwords. The root cause...
CVE-2004-0563
The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password...
[SECURITY] [DSA 441-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel)
-------------------------------------------------------------------------- Debian Security Advisory DSA 441-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2004 http://www.debian.org/security/faq -...
Leksbot 1.2 - Multiple Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities / source: https://www.securityfocus.com/bid/7505/info Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities are currently unknown however, exploitation of this issue may result in an attacker obtaining elevated...
Leksbot 1.2 - Multiple Vulnerabilities
/ source: https://www.securityfocus.com/bid/7505/info Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities are currently unknown however, exploitation of this issue may result in an attacker obtaining elevated privileges. This is because in some...
ProFTPD on Debian Linux postinst Installation Privilege Escalation
The following problems have been reported for the version of proftpd in Debian 2.2 potato: 1. There is a configuration error in the postinst script, when the user enters 'yes', when asked if anonymous access should be enabled. The postinst script wrongly leaves the 'run as uid/gid root'...
grpck-expl.pl
Hi packetstorm dudez! --- start here --- !/usr/bin/perl www.uhagr.org - [email protected] This is only a Proof of concept. /usr/sbin/grpck is not suid root by default. castle: /usr/sbin/grpck perl -e 'print "X"x2900' Segmentation fault castle: my $usage = Example: ./grpck-expl.pl 1 TARGETS: 1...
iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 11.08.02a: http://www.idefense.com/advisory/11.08.02a.txt File Disclosure Vulnerability in Simple Web Server November 8, 2002 I. BACKGROUND As its name suggests, Peter Sandvik's Simple Web Server is a Linux-based web server...
Abuse 2.0 - Local Buffer Overflow
Abuse 2.0 - Local Buffer Overflow / source: https://www.securityfocus.com/bid/6094/info Vulnerabilities have been discovered in two files used by Abuse. By passing an execessively long commandline argument to Abuse, it is possible to overrun a buffer. Exploiting this issue could allow a local...
Abuse 2.0 - Local Buffer Overflow
/ source: https://www.securityfocus.com/bid/6094/info Vulnerabilities have been discovered in two files used by Abuse. By passing an execessively long commandline argument to Abuse, it is possible to overrun a buffer. Exploiting this issue could allow a local attacker to overwrite sensitive memor...
efingerd remote buffer overflow and a dangerous feature
Release : 6/3/2002 Author : Spybreak [email protected] Software: efingerd Versions: 1.3, 1.6.1 Problems: Remote buffer overflow and a dangerous feature Efingerd is a "finger daemon, giving you complete control over what are you going to display about your computer" as is written in the man page...